Apache2 Proxy wrong routing - apache

I use apache2 as a proxy to distribute request for different URLs to different lxc containers on ubuntu 16.04 LTS
For example:
www.adomain.com is proxied to 10.0.3.100
www.bdomain.com is proxied to 10.0.3.101
etc.
In principle this works but fine, but now I see a strange behaviour.
Config file bbb.adomain.com:
<VirtualHost bbb.adomain.com:80>
ServerName bbb.adomain.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://10.0.3.104/
ProxyPassReverse / http://10.0.3.104/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
This works fine, every request for bbb.adomain.com ist proxied to 10.0.3.104
However, also requests to xxx.bdomain.com are proxied to 10.0.3.104, too. But xxx.bdomain.com is NOT configured as virtual host / servername in ANY apache .conf file.
How can I configure apache2, that any URL which is not configured as virtual host / servername is NOT proxied?
How can I debug apache2 to find out, why this domain xxx.bdomain.com is proxied?
By the way - the first apache config file is 000.conf:
<VirtualHost *:80>
ServerName catchall
<Location />
Order allow,deny
Deny from all
</Location>

You can try this basic configuration :
<VirtualHost *:80>
ServerName bbb.adomain.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://10.0.3.104/
ProxyPassReverse / http://10.0.3.104/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerName xxx.bdomain.com
DocumentRoot /var/www/example
</VirtualHost>

Using the following steps:
1) Update virtual file:-
<VirtualHost *:80>
ServerAdmin admin#test.com
ServerName mysite.com
ServerAlias www.mysite.com
ProxyRequests Off Order deny,allow Allow from all
<Location />
ProxyPass http:// mysite.com:8000/
ProxyPassReverse http:// mysite.com:8000/
</Location>
</VirtualHost>
2) Enabling Necessary Apache Modules
To enable these four modules, execute the following commands in succession.
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_balancer
sudo a2enmod lbmethod_byrequests
3) To put these changes into effect, restart Apache.
sudo systemctl restart apache2

Related

Apache proxy/redirect to Tomcat works from 80 to 8080 but not from 443 to 8443

In my Apache configuration I have two virtual server setups, one for 80 and one for 443. My VirtualHost *:80 config successfully proxies/redirects a path to tomcat 8080, but my analogously configured VirtualHost *:443 config is not proxying to the required tomcat 8443.
I have checked the Connector in tomcat and can successfully hit the tomcat endpoints directly over 8443. I can also hit other parts of the web-server over 443, just not any of the app-server endpoints that require the proxy/redirect. So, I know that the certs and tomcat configs are working.
Apache and Tomcat are running on the same ec2 server.
<VirtualHost *:80>
ServerName cloviscorp.com
DocumentRoot /var/www/html/com/cloviscorp
<Directory "/var/www/html/com/cloviscorp">
Order Allow,Deny
Allow From All
AllowOverride All
Options -Indexes
</Directory>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyPass /ClovisWebApp http://localhost:8080/ClovisWebApp
ProxyPassReverse / http://localhost:8080/
... (CORS config and LOG setup) ...
</VirtualHost>
<VirtualHost *:443>
ServerName cloviscorp.com
DocumentRoot /var/www/html/com/cloviscorp
<Directory "/var/www/html/com/cloviscorp">
Order Allow,Deny
Allow From All
AllowOverride All
Options -Indexes
</Directory>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyPass /ClovisWebApp https://localhost:8443/ClovisWebApp
ProxyPassReverse / https://localhost:8443/
SSLEngine on
SSLCertificateFile "/etc/httpd/server.crt"
SSLCertificateKeyFile "/etc/httpd/server.key"
... (CORS config and LOG setup) ...
</VirtualHost>
When hitting http://www.cloviscorp.com/ClovisWebApp/authenticationservice/login I correctly proxy to http://www.cloviscorp.com:8080/ClovisWebApp/authenticationservice/login, but when I hit https://www.cloviscorp.com/ClovisWebApp/authenticationservice/login I get The requested URL /ClovisWebApp/authenticationservice/login was not found on this server.

Apache virtual host to tomcat server

I would like to set apache to root to my tomcat server in the same machine.Apache is listening to port 80 and tomcat to 9090. The dns name of my service is example.com.gr the machine ip is something like "150.111.111.11" and in the httpd file i wrote this
NameVirtualHost *:80
<VirtualHost *:80>
<ServerName example.com.gr
ErrorLog logs/example.com.gr.gr_error_log
TransferLog logs/example.com.gr.gr_access_log
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://150.111.111.11:9090/
ProxyPassReverse / http://150.111.111.11:9090/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
But when i hit example.com.gr i get (110) Connection timed out,but if i hit example.com.gr:9090 i see my portal.Any ideas?

Avoid the conflict on port 80 between nodejs and apache

The goal is to listen on port 80 with nodejs without killing apache.
I have to say my knowledges in network are very basic.
UPDATE
I am trying to use ProxyPass ProxyPassReverse on my local machine but there is something wrong.
Alias /test /media/www-dev/public/test
<Directory /media/www-dev/public/test>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass /test http://localhost:3000/
ProxyPassReverse /test http://localhost:3000/
</Location>
When i launch http://localhost/test on my browser i get a message Cannot GET /test/, if i stop to listen on the port 3000, then i get 503 Service Temporarily Unavailable my node app is listening on the port 3000.
If if commente the "Proxy" lines, i can reach the URL http://localhost/test again.
Why can i not access the URL http://localhost/test ? Is it because the proxy try to reach http://localhost:3000/ instead following the path of the alias /test ?
Thanks !
you need to create a virtual host in apache for your node app and proxy over the requests.
here is what mine looks like in /etc/apache/sites-available/dogself.com
<VirtualHost 69.164.218.75:80>
ServerName dogself.com
ServerAlias www.dogself.com
DocumentRoot /srv/www/dogself.com/public_html/
ErrorLog /srv/www/dogself.com/logs/error.log
CustomLog /srv/www/dogself.com/logs/access.log combined
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
</Location>
</VirtualHost>
It sounds like you have a lot to research before you can get this working though. start reading docs
Alternative approach for a virtual host would be the following
<VirtualHost *:80>
ServerAdmin info#DOMAIN.com
ServerName DOMAIN.com
ServerAlias www.DOMAIN.com
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
</Location>
</VirtualHost>
To fix the Internal Server ERROR just enable the right apache extension.
sudo a2enmod proxy_http
sudo service apache2 restart

How to configure apache with proxy_mod for domains redirect

I have a server with only one IP adress but a lot of domain (and sub-doman) but every domain have dedicated virtual machine on my Host Server.
I try to use mod_proxy for ProxyPass and Reverse request and, in apache conf i make it:
<VirtualHost *:80>
ServerAlias mydomain.domain.com
ProxyRequests Off
<Proxy />
Order deny,allow
Allow from all
ProxyPass http://192.168.1.8/
ProxyPassReverse http://192.168.1.8/
</Proxy>
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog ${APACHE_LOG_DIR}/error.log
</VirtualHost>
<VirtualHost *:80>
ProxyRequests Off
ServerAlias domain.domain2.org
ServerAlias subdomanin.domain.com
DocumentRoot /var/www
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog ${APACHE_LOG_DIR}/error.log
</VirtualHost>
In this conf:
domain.domain1.com -> go to 192.168.1.8
subdomanin.domain1.com and another domain -> go to document root.
With ProxyRequests On and "Allow from All" (this conf), apache is an openproxy...
With this config (and ProxyRequest Off), if someone request "www.google.it" with proxy mydomain.domain.com he don't have google but server redirect it to myNumericIp
What is right config for do if http://mydomain.domain.com/some request are redirect to myNumericIp with url http://my.Numeric.Ip/some otherwhise proxy don't response anything).
I try this:
<Proxy http://mydomain.domain.com/>
Order deny,allow
Allow from all
ProxyPass http://192.168.1.8/
ProxyPassReverse http://192.168.1.8/
</Proxy>
Or this:
<Proxy />
Order deny,allow
Allow from all
ProxyPass http://192.168.1.8/
ProxyPassReverse http://192.168.1.8/
</Proxy>
<Proxy *>
Order deny,allow
Deny from all
</Proxy>
But don't work...
Using the following steps:
1) Update virtual file:-
<VirtualHost *:80>
ServerAdmin admin#test.com
ServerName mysite.com
ServerAlias www.mysite.com ProxyRequests Off Order deny,allow Allow from all <Location />
ProxyPass http:// mysite.com:8000/
ProxyPassReverse http:// mysite.com:8000/
</Location>
2) Enabling Necessary Apache Modules
To enable these four modules, execute the following commands in succession.
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_balancer
sudo a2enmod lbmethod_byrequests
3) To put these changes into effect, restart Apache.
sudo systemctl restart apache2

Issues Setting up a reverse proxy in Apache

My roommate and I each have a separate webserver we are trying to set up. We are trying to use mod_proxy so that his server will forward requests to my machine (we have two seperate machines behind one router) based on the server name. I've given the basics of what we have in our apache config currently but we are getting a 403 Forbidden error when trying to access the second domain (the first, www domain, works fine).
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /var/www
ServerName www.<domain1>.com
</VirtualHost>
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http://<IP addr of other box>:80
ProxyPassReverse / http://<IP addr of other box>:80
ServerName <dummydomain>.gotdns.com
</VirtualHost>
Your mods-enabled/proxy.conf might be blocking any proxy requests (it's deny all by default). It should include the following instead:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
EDIT: Also make sure that the mod_proxy submodules are sym linked into mods-enabled (in this case, the http sub module which is mods-available/proxy_http.load)
Just put both routes:
<VirtualHost *:80>
DocumentRoot "/app/"
ProxyPreserveHost On
ProxyRequests Off
ServerName app.yourdomain.com
ProxyPass /app http://yourIP:yourPort/app/
ProxyPassReverse /app http://yourIP:yourPort/app/
ProxyPass / http://yourIP:yourPort/app/
ProxyPassReverse / http://yourIP:yourPort/app/
</VirtualHost>
<Location "/app/" >
ProxyPass "http://yourIP:yourPort/app/"
ProxyPassReverse "http://yourIP:yourPort/app/"
ProxyPassReverseCookiePath "/app/" "/app/"
ProxyHTMLEnable Off
ProxyHTMLExtended On
ProxyHTMLURLMap "/app/" "/app/"
Order allow,deny
Allow from all
</Location>
This worked form me